AbsIntIO: Towards Showing the Absence of Integer Overflows in Binaries using Abstract Interpretation

Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security Pub Date : 2023-07-10 DOI:10.1145/3579856.3582814

Alexander Kuechler, Leon Wenning, F. Wendland

{"title":"AbsIntIO: Towards Showing the Absence of Integer Overflows in Binaries using Abstract Interpretation","authors":"Alexander Kuechler, Leon Wenning, F. Wendland","doi":"10.1145/3579856.3582814","DOIUrl":null,"url":null,"abstract":"In the past years, the CWE-190 integer overflow led to many vulnerabilities. Program verification techniques such as Abstract Interpretation can show that no such bug is present in a given program. To date, such techniques often aim to verify the correctness of source code. However, as the source code is not always available or might not have been subject to such an analysis, it is advisable to apply abstract integer range analysis to the binary. However, analyzing binaries imposes other challenges which are not always addressed accurately by existing analysis tools. As an example, some tools fail to model bitwise operators, recover type information or do not account for compiler optimizations. We propose techniques to address these limitations and illustrate their effects in our configurable reference implementation AbsIntIO. AbsIntIO applies abstract integer range analysis to binaries with the goal to show that no integer overflow is possible. We evaluate the effects of the improvements and observed a reduction of the error rates. Hence, the improvements provide a step towards verifying the correctness of binaries.","PeriodicalId":156082,"journal":{"name":"Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3579856.3582814","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In the past years, the CWE-190 integer overflow led to many vulnerabilities. Program verification techniques such as Abstract Interpretation can show that no such bug is present in a given program. To date, such techniques often aim to verify the correctness of source code. However, as the source code is not always available or might not have been subject to such an analysis, it is advisable to apply abstract integer range analysis to the binary. However, analyzing binaries imposes other challenges which are not always addressed accurately by existing analysis tools. As an example, some tools fail to model bitwise operators, recover type information or do not account for compiler optimizations. We propose techniques to address these limitations and illustrate their effects in our configurable reference implementation AbsIntIO. AbsIntIO applies abstract integer range analysis to binaries with the goal to show that no integer overflow is possible. We evaluate the effects of the improvements and observed a reduction of the error rates. Hence, the improvements provide a step towards verifying the correctness of binaries.

查看原文本刊更多论文

使用抽象解释来显示二进制文件中不存在整数溢出

在过去的几年中，CWE-190整数溢出导致了许多漏洞。诸如抽象解释之类的程序验证技术可以显示在给定的程序中不存在这样的错误。迄今为止，此类技术的目的通常是验证源代码的正确性。但是，由于源代码并不总是可用的，或者可能没有进行过这样的分析，因此建议对二进制应用抽象整数范围分析。然而，分析二进制文件带来了其他挑战，现有的分析工具并不总是能准确地解决这些挑战。例如，一些工具无法对位运算符建模、恢复类型信息或没有考虑编译器优化。我们提出了解决这些限制的技术，并在我们的可配置参考实现AbsIntIO中说明了它们的影响。AbsIntIO将抽象整数范围分析应用于二进制文件，目的是显示不可能出现整数溢出。我们评估了改进的效果，并观察到错误率的降低。因此，这些改进为验证二进制文件的正确性提供了一步。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security

自引率

0.00%

发文量